<?php
session_start(); //Starts session

//if userNum is set, and the user is an ADMIN
if(isset($_SESSION['userNum'])&& $_SESSION['voter_permission'] == 'Admin'){
	$userNum = $_SESSION['userNum'];
	$pageTitle = $_SESSION['title'];
	$server = $_SESSION['server'];
	$user = $_SESSION['user'];
	$pass = $_SESSION['pass'];
	$db = $_SESSION['db'];
	
	$ifLoginIsSingle = checkSessionID($_SESSION['sid'],$userNum,$server,$user,$pass,$db);
		
		if($ifLoginIsSingle == "False"){
			session_destroy(); 
			header('Location: home.php');
		}
	
}else{ // Voter accounts are not allowed to see this!
header('Location: home.php');
}
?>
<html>
<head>
<title>Administrator - <?php echo $pageTitle ?></title>
<?php include('showIcon.php'); ?>
</head>
<body style="background-image:url('images/bg_blue.jpg')">
<div style="position:absolute;left:75px;top: 0px">
<font face = "Arial">
<table style="width: 810px; height: 104px" border="0" cellspacing="0" cellpadding="0">
<?php include("menuButtons.php"); ?>
</table>
<table style="width: 810px;" cellspacing="0" cellpadding="0">
<tr>
<td style="height: 76px; width: 28px;"></td>
<td style="height: 76px" width="808px">
<br><br>
<table style="width: 590px" border="0" cellspacing="0" cellpadding="0">
<form method="post" action="control.php">
<tr>
<td colspan="2">
<h3>Administrative Functions</h3></td>
</tr>
<tr style='background-color:silver'>
<td width = '160px'>
<input type='submit' value='Show Results' name='voteAction' style='width: 111px'></td>
<td>Shows results in window</td>
</tr>

<tr height="10"><td></td></tr>

<tr style='background-color:#CCFFCC'>
<td width = '160px'>
<input type='submit' value='Edit News' name='voteAction' style='width: 111px'></td>
<td>Edit the news ticker shown to all voters</td>
</tr>

<tr height="10"><td></td></tr>

<tr style='background-color:silver'>
<td width = '160px'>
<input type='submit' value='Edit Position' name='voteAction' style='width: 111px'></td>
<td>Edit, Add, Remove Position/s</td>
</tr>

<tr height="10"><td></td></tr>

<tr style='background-color:#CCFFCC'>
<td width = '160px'>
<input type='submit' value='Edit Candidate' name='voteAction' style='width: 111px'></td>
<td>Edit, Add, Remove Candidate/s</td>
</tr>

<tr height="10"><td></td></tr>

</form>
<tr>
<td colspan = '2'>

<table style="width: 590px">
<tr style='background-color:black'><td colspan ='4'><font color ='white'>Voting Manager</font></td></tr>
<tr style='background-color:#CCFFCC'><td style="width: 190px">Position</td><td style="width: 150px">Status</td><td style="width: 92px">Votes Made</td><td style="width: 145px">Functions</td></tr>
<?php
mysql_connect($server,$user,$pass) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
$positions = mysql_query("Select * from positions");

while($posLine = mysql_fetch_array($positions)){
	
	echo "<form method='post' action='control.php'>";
	echo "<input type='hidden' name='posName' value='".$posLine['pos_name']."'>";
	echo "<input type='hidden' name='posNum' value='".$posLine['pos_num']."'>";
	echo "<tr><td>".$posLine['pos_name']."</td>";
		if($posLine['pos_close_vote'] == 0){
			echo "<td><font color='green'>Open</font></td>";
		}else{
			echo "<td><font color='red'>Closed</font></td>";
		}
	
	mysql_connect($server,$user,$pass) or die(mysql_error());
	mysql_select_db($db) or die(mysql_error());
	$posInfo = mysql_query("SELECT p.pos_num, p.pos_name,p.pos_close_vote,count(*) as 'Votes' from vote_count v, positions p, candidates c Where c.cand_num = v.voted_cand_num And c.cand_pos = p.pos_num And p.pos_num = '".$posLine['pos_num']."' group by p.pos_num");
	
	$count = 0;
	
	while($posInfoLine = mysql_fetch_array($posInfo)){
	$count = $count + $posInfoLine['Votes'];
	
	}
	
	echo "<td align = 'center'>".$count."</td>";
		echo "<td><input type='image' name='voteAction' value= 'Close Vote' src='images/close.png' border='0' title='Close the Voting for ".$posLine['pos_name']."'/>";
		echo "<input type='image' name='voteAction' value= 'Open Vote' src='images/open.png' border='0' title='Open the Voting for ".$posLine['pos_name']."'/>";
		echo "<input type='image' name='voteAction' value= 'Reset Vote' src='images/reset.png' border='0' title='Reset the Voting for ".$posLine['pos_name']."'/>";
		echo "</td></tr></form>";
	
}
//Function checkSessionID()
// -Checks if session in db is same in the session in browser
// If not, it logs out
function checkSessionID($sid,$uname,$sver,$usr,$passwd,$dbase){
mysql_connect($sver,$usr,$passwd) or die(mysql_error());
mysql_select_db($dbase) or die(mysql_error());

	$querySession = mysql_query("SELECT voter_current_session from voters WHERE voter_num = '".$uname."'");	

		while($sessionInDB = mysql_fetch_array($querySession)){
		$loggedSession = $sessionInDB['voter_current_session'];
		}

	if($_SESSION['sid'] == $loggedSession){
	return "True";
	}else{
	return "False";
	}	
}
?>
</table>
</td>
</tr>
</table>
<br><br><br><br><br>
</div>
<?php include('bottomLinks.php'); ?>
</body>
</html>